Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

make-bootstrap-tools: add libssp to allow stack protector to work #80497

Merged
merged 1 commit into from Mar 7, 2020

Conversation

@lopsided98
Copy link
Contributor

lopsided98 commented Feb 19, 2020

Motivation for this change

The bootstrap tools lack libssp.a and libssp_nonshared.a, which causes linker errors when attempting to use stack protection, at least on 32-bit ARM. This PR is related to #79793 and needs to be merged first so that Hydra can build working bootstrap tarballs.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

cc @samueldr @thefloweringash

@LnL7
LnL7 approved these changes Mar 5, 2020
Copy link
Member

LnL7 left a comment

I'm not very familiar with linux bootstrapping, but looks good to me otherwise.

@grahamc
Copy link
Member

grahamc commented Mar 5, 2020

(vcunat said he'd take a look soon)

@grahamc grahamc merged commit 47a7741 into NixOS:master Mar 7, 2020
12 checks passed
12 checks passed
Evaluation Performance Report Evaluator Performance Report
Details
grahamcofborg-eval ^.^!
Details
grahamcofborg-eval-check-meta config.nix: checkMeta = true
Details
grahamcofborg-eval-darwin nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A darwin-tested
Details
grahamcofborg-eval-nixos nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release-combined.nix -A tested
Details
grahamcofborg-eval-nixos-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A manual
Details
grahamcofborg-eval-nixos-options nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A options
Details
grahamcofborg-eval-nixpkgs-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A manual
Details
grahamcofborg-eval-nixpkgs-tarball nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A tarball
Details
grahamcofborg-eval-nixpkgs-unstable-jobset nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A unstable
Details
grahamcofborg-eval-package-list nix-env -qa --json --file .
Details
grahamcofborg-eval-package-list-no-aliases nix-env -qa --json --file . --arg config { allowAliases = false; }
Details
Copy link
Member

vcunat left a comment

I'm a bit late, but anyway...

👍 though I trust you on this change being sufficient to fix those 32-bit ARMs. These libs are tiny (27k together on x86_64) and adding them seems very unlikely to break anything.


I still have no idea why platforms differ in needing this stack-protector stuff during bootstrap, but that doesn't seem important. Also it's unclear to me how to choose between *.a and *.so for bootGCC libs; static ones seem safer if they work, with respect to the risk of retaining references when using the resulting boodstrap tools... so 👍 for choosing that here.

grahamc added a commit that referenced this pull request Mar 8, 2020
grahamc added a commit that referenced this pull request Mar 8, 2020
@lopsided98
Copy link
Contributor Author

lopsided98 commented Mar 8, 2020

Also it's unclear to me how to choose between *.a and *.so for bootGCC libs; static ones seem safer if they work, with respect to the risk of retaining references when using the resulting boodstrap tools... so +1 for choosing that here.

I originally tried adding the .so, and it resulted in a reference to the bootstrap tools. From what I can tell, GCC normally prefers the static library anyway, even if both are available.

@lopsided98 lopsided98 deleted the lopsided98:bootstrap-libssp branch Mar 8, 2020
grahamc added a commit that referenced this pull request Mar 8, 2020
grahamc added a commit that referenced this pull request Mar 8, 2020
@vcunat vcunat mentioned this pull request Mar 8, 2020
0 of 10 tasks complete
grahamc added a commit that referenced this pull request Mar 16, 2020
arthurl added a commit to arthurl/nixpkgs that referenced this pull request Apr 4, 2020
arthurl added a commit to arthurl/nixpkgs that referenced this pull request Apr 4, 2020
arthurl added a commit to arthurl/nixpkgs that referenced this pull request Apr 4, 2020
cript0nauta added a commit to cript0nauta/nixpkgs that referenced this pull request Apr 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

4 participants
You can’t perform that action at this time.